Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a646438303a31343a3a2f34382d3438203d3e203336323336.roa
File:                     326130303a646438303a31343a3a2f34382d3438203d3e203336323336.roa (raw, json)
Hash identifier:          SmtaU7x/QEF/gfxk3mRM3lCGAnmunL4uHgmBq3LdpL8=
Subject key identifier:   D3:47:2A:60:7C:73:79:0D:42:C7:5B:96:DA:A8:B7:8F:4E:B3:0E:51
Certificate issuer:       /CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
Certificate serial:       3055361EADD3A18B8BC3364D6E19C64111EE6CE8
Authority key identifier: EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a646438303a31343a3a2f34382d3438203d3e203336323336.roa
Signing time:             Mon 02 Sep 2024 20:13:06 +0000
ROA not before:           Mon 02 Sep 2024 20:08:06 +0000
ROA not after:            Mon 01 Sep 2025 20:13:06 +0000
asID:                     36236
IP address blocks:        2a00:dd80:14::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:55:36:1e:ad:d3:a1:8b:8b:c3:36:4d:6e:19:c6:41:11:ee:6c:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
        Validity
            Not Before: Sep  2 20:08:06 2024 GMT
            Not After : Sep  1 20:13:06 2025 GMT
        Subject: CN=D3472A607C73790D42C75B96DAA8B78F4EB30E51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:0a:31:45:eb:9a:a3:d4:27:56:9a:78:c7:85:
                    42:bc:3d:4d:15:8a:8b:8c:85:f4:cc:1a:0c:dd:d5:
                    c3:2e:1b:92:e6:16:2f:ab:6e:88:32:34:bf:1f:84:
                    7c:9d:27:8f:d3:76:78:44:62:8a:79:9f:6d:c6:3e:
                    b0:79:1a:54:26:f8:cd:71:fe:71:35:6c:af:19:26:
                    71:9f:3f:5f:d6:32:4b:3d:98:68:b2:4c:15:d3:8f:
                    71:24:5e:a7:78:72:7e:a6:fe:a6:73:14:16:2d:c5:
                    a0:c8:73:88:e3:cf:f2:c6:cb:6a:fb:1b:ed:07:4f:
                    79:5e:29:2e:65:ef:91:3e:5f:48:15:eb:1b:08:e1:
                    5e:2c:6a:b1:b0:fc:76:8c:58:a1:40:1c:d6:e9:8f:
                    fd:ae:ba:8d:af:b0:87:d1:07:2e:7d:ec:6e:90:61:
                    0b:f0:91:54:28:aa:68:13:b7:57:98:54:73:f7:13:
                    0d:a1:9f:13:75:2c:8d:83:fe:98:9b:9e:91:ef:73:
                    70:8e:9d:42:1c:e7:fb:8b:62:76:6b:20:f3:bb:26:
                    d1:81:0b:c7:c1:b6:63:3e:a0:34:cd:78:85:74:26:
                    27:4e:d3:ca:41:30:b3:70:ee:cd:21:e8:d7:3b:84:
                    23:38:01:26:15:2e:91:91:64:9b:65:be:aa:b7:45:
                    31:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:47:2A:60:7C:73:79:0D:42:C7:5B:96:DA:A8:B7:8F:4E:B3:0E:51
            X509v3 Authority Key Identifier:
                keyid:EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a646438303a31343a3a2f34382d3438203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:dd80:14::/48

    Signature Algorithm: sha256WithRSAEncryption
         55:0c:c5:0c:c1:8b:c4:e6:ae:07:83:b8:d4:4b:15:06:d3:33:
         18:f0:27:25:bf:b5:82:f5:3b:26:a1:7a:f3:85:17:56:14:c8:
         7a:db:e4:26:76:fe:67:84:ff:ce:c4:09:d9:60:17:35:66:e0:
         e1:e2:35:ec:6b:5f:8c:66:f4:cc:a9:38:13:a3:ce:41:6c:bb:
         8b:07:4f:1d:f1:dc:8b:70:8f:14:12:f0:58:09:1c:f7:16:93:
         77:e4:c3:1d:e4:a4:50:27:c9:94:22:dd:f2:11:81:32:a5:d9:
         63:4a:41:cd:78:fe:38:2c:3c:c3:28:6b:bc:2b:e2:cd:1e:4a:
         30:2e:34:0c:02:d0:46:68:fc:15:53:92:7e:d8:85:b0:f0:f8:
         9c:83:fe:ba:05:2d:f6:7a:b6:95:fe:b4:69:2a:2e:71:12:03:
         14:bd:8b:b4:66:eb:83:ff:50:e0:28:62:b1:aa:62:ec:0b:9a:
         d2:a4:27:b2:34:e9:97:37:93:a0:a5:23:17:2f:e6:63:bd:d6:
         65:c3:fb:19:f6:ed:f5:98:0f:92:1a:ed:38:cd:df:b8:b2:ee:
         c0:68:7e:98:25:11:13:8d:52:75:f9:a6:b2:5a:48:f9:9a:1b:
         83:f5:52:84:0f:45:42:72:98:04:fa:c1:90:91:62:af:a9:ec:
         61:78:aa:10
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIUMFU2Hq3ToYuLwzZNbhnGQRHubOgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWIyYzdlNjI1MDNiMDYzNGViNGFiNTNmODhjMDY5NTBh
Yzc2ZGNkMTAeFw0yNDA5MDIyMDA4MDZaFw0yNTA5MDEyMDEzMDZaMDMxMTAvBgNV
BAMTKEQzNDcyQTYwN0M3Mzc5MEQ0MkM3NUI5NkRBQThCNzhGNEVCMzBFNTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8CjFF65qj1CdWmnjHhUK8PU0V
iouMhfTMGgzd1cMuG5LmFi+rbogyNL8fhHydJ4/TdnhEYop5n23GPrB5GlQm+M1x
/nE1bK8ZJnGfP1/WMks9mGiyTBXTj3EkXqd4cn6m/qZzFBYtxaDIc4jjz/LGy2r7
G+0HT3leKS5l75E+X0gV6xsI4V4sarGw/HaMWKFAHNbpj/2uuo2vsIfRBy597G6Q
YQvwkVQoqmgTt1eYVHP3Ew2hnxN1LI2D/pibnpHvc3COnUIc5/uLYnZrIPO7JtGB
C8fBtmM+oDTNeIV0JidO08pBMLNw7s0h6Nc7hCM4ASYVLpGRZJtlvqq3RTFHAgMB
AAGjggIpMIICJTAdBgNVHQ4EFgQU00cqYHxzeQ1Cx1uW2qi3j06zDlEwHwYDVR0j
BBgwFoAU6yx+YlA7BjTrSrU/iMBpUKx23NEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGU4MmQ1ZGU0MTAxODNmNjg2NjEwODRiODYvMS9FQjJDN0U2MjUw
M0IwNjM0RUI0QUI1M0Y4OEMwNjk1MEFDNzZEQ0QxLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNnl4LVlsQTdCalRyU3JVX2lNQnBVS3gyM05FLmNlcjCBpgYIKwYB
BQUHAQsEgZkwgZYwgZMGCCsGAQUFBzALhoGGcnN5bmM6Ly9ycGtpLXJwcy5hcmlu
Lm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRlODJkNWRlNDEwMTgzZjY4NjYxMDg0Yjg2
LzEvMzI2MTMwMzAzYTY0NjQzODMwM2EzMTM0M2EzYTJmMzQzODJkMzQzODIwM2Qz
ZTIwMzMzNjMyMzMzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoA3YAAFDANBgkqhkiG9w0BAQsFAAOC
AQEAVQzFDMGLxOauB4O41EsVBtMzGPAnJb+1gvU7JqF684UXVhTIetvkJnb+Z4T/
zsQJ2WAXNWbg4eI17GtfjGb0zKk4E6POQWy7iwdPHfHci3CPFBLwWAkc9xaTd+TD
HeSkUCfJlCLd8hGBMqXZY0pBzXj+OCw8wyhrvCvizR5KMC40DALQRmj8FVOSftiF
sPD4nIP+ugUt9nq2lf60aSoucRIDFL2LtGbrg/9Q4Chisapi7Aua0qQnsjTplzeT
oKUjFy/mY73WZcP7Gfbt9ZgPkhrtOM3fuLLuwGh+mCURE41SdfmmslpI+Zobg/VS
hA9FQnKYBPrBkJFir6nsYXiqEA==
-----END CERTIFICATE-----